CLAIM AMENDMENTS 



This listing of claims will replace all prior versions, and 
listings, of claims in the application: 

Listing of Claims: 

1 (currently amended) . A method for authenticating a data set 
between a proving unit and a verifying unit, which comprises 
the steps of: 

a) communicating the data set from one of the proving and 
verifying units to a respective other of the proving and 
verifying units such that the data set is in an unencrypted 
form to both the proving and verifying units after completing 
the communicating step a) ; 

b) generating at least one data element in the verifying 
unit; 

c) using the verifying unit to encrypt the data element in a 
first cryptographic encryption method using a public key of 
the proving unit resulting in at least one encrypted data 
element, and the public key is known to the verifying unit; 

d) communicating the encrypted data element from the 
verifying unit to the proving unit; 
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e) using the proving unit to decrypt the encrypted data 
element in a first decryption method, assigned to the first 
cryptographic encryption method, using a private key known 
only to the proving unit; 

f) using the proving unit to calculate, from the data set to 
be authenticated, in a second cryptographic method, an 
authenticator dependent on the data element; 

g) communicating the authenticator from the proving unit to 
the verifying unit; 

h) using the verifying unit to check the authenticator with 
an aid of an authentication checking algorithm, assigned to 
the second cryptographic method using the data element and the 
data set; and 

i) accepting the data set as communicated by the proving unit 
to the verifying unit in dependence on a result of the check 
performed in step h) . 

2 (original) . The method according to claim 1, which further 
comprises during the step a) , using the proving unit to 
communicate the data set in unencrypted form to the verifying 
unit . 
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3 (original) . The method according to claim 1, which further 
comprises using the verifying unit to generate the data set as 
a random element and subsequently , in the step a) , 
communicating the data set to the proving unit. 

4 (original) . The method according to claim 1, which further 
comprises during the step h) : 

forming the authentication checking algorithm to be 
substantially identical to the second cryptographic method for 
authenticator generation; 

applying the authentication checking algorithm by the 
verifying unit to the data element and the data set for 
forming a reference authenticator; and 

comparing the reference authenticator with the authenticator. 

5 (original) . The method according to claim 1, which further 
comprises during the step h) : 

forming the authentication checking algorithm with a 
decryption method corresponding to the second cryptographic 
method for generating the authenticator for an associated 
encryption method; 
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applying the authentication checking algorithm by the 
verifying unit to the authenticator by decryption for forming 
a reference data element and a reference data set; and 

comparing the reference data element and the reference data 
set with the data element and the data set. 

6 (original) . The method according to claim 1, which further 
comprises : 

repeating steps b) , c) , d) and e) for generating at least one 
further data element before performing the step f ) ; and 

using the proving unit to encrypt the data set to be 
authenticated in step f) in a manner dependent on the data 
element and the further data element to form the 
authenticator. 

7 (original). The method according to claim 1, which further 
comprises carrying out the first cryptographic encryption 
method and the first decryption method assigned thereto using 
discrete exponentiation in a semigroup. 

8 (original). The method according to claim 7, which further 
comprises carrying out the first cryptographic encryption 
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method and the first decryption method assigned thereto using 
an algorithm based on elliptical curves. 

9 (original) . The method according to claim 7, which further 
comprises performing the first cryptographic encryption method 
with the steps of: 

using the verifying unit to generate a number t e T, where T 
is a subrange of integers; 

using the verifying unit to calculate element h f(t> e H, where 
f : T T 1 is a mapping into a subrange T 1 of the integers, 
which is not necessarily different from T, H represents a 
multiplicatively written semigroup generated by element h, 
with a discrete exponentiation of a base h as a one-way 
function in the semigroup Ho- 
using the verifying unit to calculate from the public key, k pub 
= h f(d) g H, element 7i(k pub f(t) ) e G, . where n : H -> G specifies a 
mapping of the semigroup H into a group G, d = kp riv e T is the 
private key which is accessible only to the proving unit, and 
a mapping t — > h f(t) -» 7r(h f(t) ) from the subrange of the integers 
T to the group G represents a one-way function; and 
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using the verifying unit to encrypt the data element, z, by a 
combination with respect to the encrypted data element, z f = z 
o 7t(k pub f(t> ) g G. 

10 (original) . The method according to claim 9, which further 
comprises during the step d) , in addition to the encrypted 
data element, using the verifying unit to communicate the 
element h f(t) e H to the proving unit. 

11 (original) . The method according to claim 10, which 
further comprises performing the first cryptographic 
decryption method by the steps of: 

using the proving unit to calculate the element k pub f(t> e H 
using function f, the element h f(t) e H and the private key d 
known only to the proving unit; 

using the proving unit to calculate an inverse element 
tc 1 (k pub f (t) ) e G with respect to element 7c(k pub f(t) ) e G; and 

using the proving unit to decrypt the encrypted data element 
by a combination of the encrypted data element with inverse 
element: z = z 1 071 1 ( k pub f (t> ) , where the first cryptographic 
decryption method is based on the same mappings f, n and the 



- Page 7 of 18 - 



same combination o as the first cryptographic encryption 
method. 

12 (currently amended) . The method according to claim 11, 
which further comprises performing the second cryptographic 
method with the steps of: 

using the proving unit to calculate, from the at least one 
unencrypted data element z, an element g 2 = 7ti(z) <= Gi and an 
element g 2 = n 2 (z) e G 2 , where [ [G- x ] ] Gi and G 2 represent 
groups where Gi cz G 2 and n± : G — > Gi and 7t 2 : G —> G 2 represent 
functions which map elements of the group G onto the groups Gi 
or G 2 ; 

using the proving unit to transform the data set to be 
authenticated m, to form an element g' = (gi * m) with a group 
combination * in Gi; and 

using the proving unit to calculate the authenticator D, by D 
= inj(g f ) • g 2 with the group combination • in G 2 , where the 
mapping inj : Gi — > G 2 maps elements from Gi injectively into 
G 2 . 
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13 (original) . The method according to claim 1, which further 
comprises performing the following steps before performing 
step b) : 

using the proving unit to communicate the public key with a 
certificate of a trust centers- 
using the verifying unit to check a validity of the public key 
of the proving unit using a certification method; and 

using the verifying unit to continue the communication with 
the proving unit in a manner dependent on a result of the 
check. 

14 (original) . The method according to claim 1, which further 
comprises: 

forming the proving unit as an integrated circuit on a smart 
card; and 

forming the verifying unit as a smart card terminal. 

15 (original) . The method according to claim 1, which further 
comprises forming the proving unit as an integrated circuit in 
an identification/authentication token which is fixedly 
connected to a non-localized object. 
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16 (original). The method according to claim 14, which 
further comprises performing the communication between the 
proving unit and the verifying unit contactlessly . 

17 (currently amended) . The method according to claim 8, 
which further comprises performing the first cryptographic 
encryption method with the steps of: 

using the verifying unit to generate a number t e T, where T 
is a subrange of integers; 

using the verifying unit to calculate element h f(t) e H, where 
f : T — > T 1 is a mapping into a subrange T 1 of the integers, 
which is not necessarily different from T, H represents a 
multiplicatively written semigroup generated by element h, 
with a discrete exponentiation of a base h as one-way function 
in the semigroup Ho- 
using the verifying unit to calculate from the public key, k pub 
= h f(d> g H, element 7r(k pub f(t> ) e G, where n : H G specifies a 
mapping of the semigroup H into a group G, d = k priv e T is the 
private key which is accessible only to the proving unit, and 
a mapping t — > h f(t) — > 7i(h f<t) ) from the subrange of the integers 
T to the group G represents a one-way function; and 
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using the verifying unit to encrypt [ [the] ] at least one data 
element, z, by a combination with respect to the encrypted 
data element, z' = z o 7i(k pub f(t) ) e G. 

18 (original) . The method according to claim 17, which 
further comprises during the step d) , in addition to the 
encrypted data element, using the verifying unit to 
communicate the element h f{t) e H to the proving unit. 

19 (original) . The method according to claim 18, which 
further comprises performing the first cryptographic 
decryption method by the steps of: 

using the proving unit to calculate the element k pub f(t) e H 
using function f , the element h f(t) e H and the private key d 
known only to the proving unit; 

using the proving unit to calculate an inverse element 
7t f (k pub f (t) ) e G with respect to element 7i(k pub f<t) ) e G; and 

using the proving unit to decrypt the encrypted data element 
by a combination of the encrypted data element with inverse 
element: z = z 1 07c 1 (k pub f (t) ) , where the first cryptographic 
decryption method is based on the same mappings f, n and the 

- Page 11 of 18 - 



same combination o as the first cryptographic encryption 
method. 

20 (original) . The method according to claim 19, which 
further comprises performing the second cryptographic method 
with the steps of: 

using the proving unit to calculate, from the at least one 
unencrypted data element z, an element g 2 = TCi(z) e Gi and an 
element g 2 = tc 2 (z) e G 2 , where G- 1 and G2 represent groups where 
Gi a G2 and n± : G — > Gi and n 2 : G — > G 2 represent functions 
which map elements of the group G onto the groups Gi or G 2 ; 

using the proving unit to transform the data set to be 
authenticated m, to form an element g' = (gi * m) with a group 
combination * in Gi; and 

using the proving unit to calculate the authenticator D, by D 
= inj(g') • g 2 with the group combination • in G 2/ where the 
mapping inj : Gi — > G 2 maps elements from Gi injectively into 
G 2 . 

21 (original) . The method according to claim 15, which 
further comprises performing the communication between the 
proving unit and the verifying unit contactlessly. 
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